new to rails

I'm a web developer for a small web company that doesn't know how to say no to taking on projects. I'm mainly a PHP developer, but I've been put in charge of this Ruby on Rails site. I can manage to fix most of their problems with the database; however, modifying the Ruby on Rails application is a different story. I can find the coding on the site fine enough to make modifications, but when I recently went to change a file, the modifications I made to the code should have altered the behaviour of the website to allow 3 different user.id's to edit invoices, but really I was not making a change to the behaviour.

cameo@CAMEO-S1:/opt/cameo/current/app/controllers$ vi invoices_controller.rb
# To change this template, choose Tools | Templates
# and open the template in the editor.

  def requires_lana
    if self.current_user.id != 93 || self.current_user.id != 16 || self.current_user.id != 69 # <-- this is the line I changed from: if self.current_user.id != 29
      flash[:error] = 'Only LanaS may currently access this part of the system.'
      redirect_to '/'
    end
  end

  def edit
    @invoice_header = InvoiceHeader.find(params[:id])
  end

  def update
    @invoice_header = InvoiceHeader.find(params[:id])
    # we divided the amount by 1000 to make it easier on the user, so we need to undo that here
    params[:invoice_header][:invoice_attributes].each do |offset, values|
      values.each do |key, value|
        values[key] = (values[key].to_f * 1000).to_i if key == 'rate_in_cents' || key == 'expense_amt_in_cents'
      end
    end
    if @invoice_header.update_attributes(params[:invoice_header]).inspect
      flash[:notice] = 'Invoice Details updated successfully'
      redirect_to :back
    else
      render 'edit'
    end
  end
end
~

This change was supposed to allow 2 more admins to manage editing invoices; however, nothing happens and no link to edit the invoice appears.

The reasoning behind having to change this was that the admin user Lana's dashboard one day all of a sudden decided not to work.

When I created a new user for Lana as user.id 93 and moved the code away from user.id 29, no rendering of the edit comes up for her or anybody else I've intended it for. When I switch the code back and her user back to 29 in the database, the corrupted login and dashboard re-appear.

I'm probably stuck inside a proprietary business rules issue, but I'm hoping all you smart ROR programmers out there can mental out what is going on here. Is there possibly more code I need to be looking at? A model or view?

I second Adam's suggestion of adding a column for authorization. It might be a little over your head if you're just starting out, but adding CanCan to your application can be a life-saver if you find yourself doing this a lot (authorizing users for various tasks). It's definitely worthwhile to learn a bit about both Ruby and the Rails framework before making changes; I highly recommend the Rails for Zombies series as a brief introduction.

Since you're inheriting this application from somebody else, I would do a thorough analysis of the existing infrastructure. Probably most important is whatever is in the app/models folder and the test directory (assuming the application was tested). There might already be existing functionality for exactly what you're trying to do now and you're just duplicating work, so it definitely doesn't hurt to check.

if I change the code to user 93 it doesn't show the edit link for the invoice, when I change the code back to user 29 the corrupted login and dashboard re-appear so this tells me the changes I make to the code take effect immediately.

The display of the "edit" link will be nothing to do with this. This particular code handles restricting access to the actual actions rather than any links within the views. You should take a look at the view to see what logic hides/shows the "edit" link.

if I change the code to user 93 it doesn't show the edit link for the invoice, when I change the code back to user 29 the corrupted login and dashboard re-appear so this tells me the changes I make to the code take effect immediately.

Make sure you look at the surrounding logic (if any) as well. The relevant logic may not be on the same line as the link.
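Added example, not part of any post in this thread: the `requires_lana` condition from the question next to an allowlist check and the authorization-column approach suggested above, written as plain Ruby so it runs without Rails. The ids 93, 16, 69 and 29 come from the post; `User`, `invoice_editor` and `InvoiceGuard` are hypothetical names.

```ruby
# Added example, plain Ruby (no Rails needed). IDs 93, 16, 69 and 29 come from
# the post; User, invoice_editor and InvoiceGuard are hypothetical names.
require 'set'

User = Struct.new(:id, :invoice_editor)

module InvoiceGuard
  EDITOR_IDS = Set[93, 16, 69].freeze

  # The condition as posted: for any id at least two of the three
  # inequalities hold, so the || chain is always true and everyone is denied.
  def self.denied_as_posted?(user)
    user.id != 93 || user.id != 16 || user.id != 69
  end

  # Allowlist form: deny unless the id is one of the listed editors.
  # A missing user (not logged in) is denied as well.
  def self.denied_by_allowlist?(user)
    user.nil? || !EDITOR_IDS.include?(user.id)
  end

  # Column form suggested in the thread: the permission lives on the user
  # record, so granting access is a data change, not a code change.
  def self.denied_by_flag?(user)
    user.nil? || user.invoice_editor != true
  end

  # Run one check over a list of users and return the ids that get through.
  def self.admitted_ids(users, check)
    users.reject { |u| public_send(check, u) }.map(&:id)
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample users, not data from the application in the post.
  users = [User.new(93, true), User.new(16, true), User.new(69, true),
           User.new(29, false), User.new(7, false)]
  %i[denied_as_posted? denied_by_allowlist? denied_by_flag?].each do |check|
    puts "#{check}: admitted #{InvoiceGuard.admitted_ids(users, check).inspect}"
  end
end
```

The posted condition fails closed (nobody gets through), which matches the action being blocked for every user; the edit link itself is still controlled by the view, as the replies point out.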